Judge gives second AT&T iPad hacker more time to make plea deal
Follows in footsteps of co-defendant, who pleaded guilty last month in return for recommended 12-to-18-month sentence
Computerworld - A federal judge has put the case against a man charged with hacking AT&T's website on hold to allow plea negotiations to continue, court documents show.
On Wednesday, U.S. District Court Jude Susan Wigenton suspended the case against Andrew Auernheimer, who faces a maximum of 10 years in prison if convicted of two felony charges, conspiracy to access a computer without authorization, and fraud in connection with personal information.
"Plea negotiations are currently in progress and both the United States and the defendant desire additional time to finalize a plea agreement, which would render trial of this matter unnecessary," Wigenton wrote in her order, made public Thursday on the U.S. Department of Justice's case database.
Auernheimer and his court-appointed federal public defender have been negotiating a plea agreement for at least the last month.
Auernheimer, who goes by the online nickname of "weev," was a member of Goatse, a loose collection of hackers, authorities have alleged. Along with co-defendant Daniel Spitler, he is accused of stealing approximately 120,000 names and email addresses of iPad 3G owners from AT&T servers in June 2010 using an automated scripting tool.
Among the email addresses eventually made public -- Auernheimer gave information obtained from AT&T to the Gawker website -- were those belonging to New York Mayor Michael Bloomberg, former White House chief-of-staff Rahm Emanuel, and top executives at Dow Jones, The New York Times Co. and Time Warner.
At the time, Auernheimer argued that the hack was "ethical" and "in the public interest" because it revealed a flaw in AT&T's website.
Later he accused AT&T of dishonesty when it downplayed the damage to affected customers.
Auernheimer argued that other hackers armed with an iPad exploit could have used the email addresses in a targeted attack.
"A complete list of iPad 3G customers, which could have been generated from this vulnerability [Goatse uncovered], would have the ideal bit of data for those...with zero-day Safari exploits," Auernheimer claimed in a June 2010 post to the Goatse blog.
But according to the federal indictment against Auernheimer, he and Spitler had discussed exploiting their hack. "This could be like, a future massive phishing operation serious like this is valuable data," Auernheimer allegedly told Spitler in an IRC chat that authorities included in the indictment.
"Well I will say this it would be against the law ... for ME to short the att stock but if you want to do it go nuts," Auernheimer said to Spitler in another chat fragment. "If you short ATT dont let me know about it."
Spitler pleaded guilty last month to similar charges. His plea agreement recommended a 12-to-18-month sentence.
Auernheimer's attorney did not reply to a request for comment.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
- Hackers steal user data from the European Central Bank website, demand money
- Arrests made after international cyber-ring targets StubHub
- SQL injection flaw opens door for Wall Street Journal database hack
- Goodwill Industries probes possible payment card breach
- Aloha point-of-sale terminal, sold on eBay, yields security surprises
- The biggest data breaches of 2014 (so far)
- Blue Shield discloses 18,000 doctors' Social Security numbers
- PF Chang's says breach was 'highly sophisticated criminal operation'
- Breaches exposed 1 in 7 US debit cards in 2013
- New malware program targets banking data
Read more about Legal in Computerworld's Legal Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- The Truth About Virtual Computing for CAD If you're a user of graphics-intensive software such as 3D modeling, simulation and analysis, and visualization, you might be skeptical about moving to...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Simplifying Product Design In A Complex World Product design engineering has moved far beyond the confines of ever-more powerful workstations. Companies can't afford to restrict projects to using only local...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Why Are Customers Really Deploying an NGFW? It seems every IT Security expert is talking about the NGFW, but what are people really doing? This webcast covers 5 real-world customer... All Legal White Papers | Webcasts